1. Field of the Invention
This invention relates to securing data that is used on a computing device. More particularly, this invention relates to prevention of side channel attacks that could lead to unauthorized access to information or information protection features on a computing device.
2. Description of the Related Art
Embedded security refers to security features built into a device, including physical tamper-resistance features, cryptographic keys and algorithms. Embedded security features can be found today on a variety of computing devices, e.g., personal computers and servers, cellular telephones, set-top boxes, and many appliances. The present invention is largely concerned with protection of data generally, and cryptographic keys in particular. The meanings of acronyms used in this disclosure are given in Table 1.
TABLE 1Acronyms and AbbreviationsAESAdvanced Encryption StandardCPUCentral Processing UnitDRAMDynamic Random Access MemoryMODModulo OperatorRAMRandom Access MemoryRSARivest, Shamir, & AdlemanXORExclusive Or Operator
Nevertheless, such devices are potentially vulnerable to cache attacks, a form of side channel attack, in which inter-process leakage through the state of a memory cache reveals memory access patterns. Such patterns can be used for analysis of cryptographic primitives that employ data-dependent table lookups.